Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/288fb7c1-6c49-475a-9dd0-2637b4e09492.roa
File: 288fb7c1-6c49-475a-9dd0-2637b4e09492.roa (raw, json)
Hash identifier: pPpUiJHjbb2CEr2pUuvlB9u0FJWvAwbwKE3kn3feu18=
Subject key identifier: 49:F5:DB:34:AF:C8:F5:C6:3A:F1:EE:C0:CE:37:24:A3:7D:30:59:E0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 232653EF4B79C5214BF04DE149B821709A88A3B8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/288fb7c1-6c49-475a-9dd0-2637b4e09492.roa
Signing time: Mon 01 Sep 2025 21:10:33 +0000
ROA not before: Mon 01 Sep 2025 21:10:33 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01e:400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:26:53:ef:4b:79:c5:21:4b:f0:4d:e1:49:b8:21:70:9a:88:a3:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:10:33 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=7026010c6a357744b6d4f432aaefa302065e17e986dd8cc0c4a77cb66ad78e3e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:b5:e6:a6:c7:6a:22:ff:c2:15:55:34:13:5b:
19:1e:74:39:4d:41:2c:b8:1a:9d:39:f7:7a:00:77:
7b:8b:0f:6f:b6:db:2d:ea:b5:05:f0:18:66:7e:01:
04:06:68:d6:85:69:22:bb:a9:60:93:65:f1:88:9b:
37:37:4c:e8:fe:09:b1:56:73:02:1e:fe:40:b9:74:
8e:4b:02:40:57:e2:e6:a6:55:d1:c5:d4:7f:7b:0e:
6b:9b:54:21:55:94:c4:9f:c4:47:15:67:ec:1a:18:
6e:e9:cd:f5:63:5c:cc:a0:69:d0:eb:0a:be:af:7b:
1b:9b:9d:80:6e:e2:84:b1:2c:9a:12:67:40:e0:7e:
fe:66:19:d9:4d:1e:60:8c:bd:e9:98:8b:4b:5d:1c:
d1:59:3c:b6:1a:01:b5:ad:be:55:f0:1a:a8:d9:d1:
37:25:21:e7:c1:29:27:6b:66:5d:72:ce:a2:e9:d6:
33:18:f2:b4:b2:72:89:b2:8c:20:2a:ac:05:84:22:
e7:01:56:98:85:5d:e0:60:1d:43:75:90:00:6e:74:
01:64:ad:89:9a:29:57:54:a4:0d:50:21:00:88:db:
10:e3:6f:8c:8b:6a:e1:98:aa:a4:ae:ec:8f:91:e1:
d6:df:61:6e:11:24:ca:4f:35:53:df:c7:6d:5b:36:
c2:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:F5:DB:34:AF:C8:F5:C6:3A:F1:EE:C0:CE:37:24:A3:7D:30:59:E0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/288fb7c1-6c49-475a-9dd0-2637b4e09492.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01e:400::/38
Signature Algorithm: sha256WithRSAEncryption
a3:30:19:e3:c7:41:a4:99:55:5b:75:44:58:91:a5:8d:34:21:
30:e5:c6:61:38:ac:ca:01:76:59:49:99:92:ca:a8:30:0f:4e:
a9:07:d3:4f:c6:c5:9c:fb:2b:12:45:0b:13:9a:49:cf:66:02:
36:32:10:42:81:19:d4:d4:a8:52:f7:e9:49:5a:c2:12:ca:56:
1f:42:fb:4d:2a:c8:b6:c9:02:c4:d9:2e:b3:3d:0a:57:5e:c8:
fe:ff:a8:b9:5d:ba:9d:42:35:6d:ab:6a:3a:fa:a2:5e:00:69:
cd:33:6d:ec:c2:2c:4c:09:2a:4a:8e:24:f9:5f:52:27:02:7b:
7a:51:39:ce:75:3c:90:6d:97:74:cd:cb:2c:64:de:04:08:de:
92:34:95:56:43:9e:3b:56:3b:16:10:28:b3:0e:3e:26:23:fa:
23:10:2f:61:3c:32:00:e8:4c:c7:c4:c7:9e:9b:35:31:be:18:
54:a7:df:c8:f3:ed:b8:d4:e9:52:73:86:4b:83:4c:d2:20:be:
ea:7a:84:a4:ab:ee:1b:79:b7:f6:cb:9b:e0:2b:f1:6e:76:27:
15:4c:20:5f:0f:62:54:07:25:ca:5e:dd:3c:4f:05:26:cd:22:
0b:bc:8b:b9:5a:8b:ad:48:13:44:f3:ba:f9:6c:5d:e2:41:6c:
8b:6e:af:af
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIyZT70t5xSFL8E3hSbghcJqIo7gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTEwMzNaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDcwMjYwMTBjNmEzNTc3NDRiNmQ0ZjQzMmFhZWZhMzAyMDY1ZTE3ZTk4NmRk
OGNjMGM0YTc3Y2I2NmFkNzhlM2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALa15qbHaiL/whVVNBNbGR50OU1BLLganTn3egB3e4sPb7bbLeq1BfAYZn4B
BAZo1oVpIrupYJNl8YibNzdM6P4JsVZzAh7+QLl0jksCQFfi5qZV0cXUf3sOa5tU
IVWUxJ/ERxVn7BoYbunN9WNczKBp0OsKvq97G5udgG7ihLEsmhJnQOB+/mYZ2U0e
YIy96ZiLS10c0Vk8thoBta2+VfAaqNnRNyUh58EpJ2tmXXLOounWMxjytLJyibKM
ICqsBYQi5wFWmIVd4GAdQ3WQAG50AWStiZopV1SkDVAhAIjbEONvjItq4ZiqpK7s
j5Hh1t9hbhEkyk81U9/HbVs2wvECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRJ9ds0
r8j1xjrx7sDONySjfTBZ4DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Mjg4ZmI3YzEtNmM0OS00NzVhLTlkZDAtMjYzN2I0ZTA5NDkyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0B4E
MA0GCSqGSIb3DQEBCwUAA4IBAQCjMBnjx0GkmVVbdURYkaWNNCEw5cZhOKzKAXZZ
SZmSyqgwD06pB9NPxsWc+ysSRQsTmknPZgI2MhBCgRnU1KhS9+lJWsISylYfQvtN
Ksi2yQLE2S6zPQpXXsj+/6i5XbqdQjVtq2o6+qJeAGnNM23swixMCSpKjiT5X1In
Ant6UTnOdTyQbZd0zcssZN4ECN6SNJVWQ547VjsWECizDj4mI/ojEC9hPDIA6EzH
xMeemzUxvhhUp9/I8+241OlSc4ZLg0zSIL7qeoSkq+4bebf2y5vgK/FudicVTCBf
D2JUByXKXt08TwUmzSILvIu5WoutSBNE87r5bF3iQWyLbq+v
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:09:24 2025 by rpki-client